Update werkzeug to 2.2.1

[pyup-bot]

This PR updates Werkzeug from 2.0.3 to 2.2.1.

Changelog

### 2.2.1 ``` ------------- Released 2022-07-27 - Fix router so that ``/path/`` will match a rule ``/path`` if strict slashes mode is disabled for the rule. :issue:`2467` - Fix router so that partial part matches are not allowed i.e. ``/2df`` does not match ``/<int>``. :pr:`2470` - Fix router static part weighting, so that simpler routes are matched before more complex ones. :issue:`2471` - Restore ``ValidationError`` to be importable from ``werkzeug.routing``. :issue:`2465` ``` ### 2.2.0 ``` ------------- Released 2022-07-23 - Deprecated ``get_script_name``, ``get_query_string``, ``peek_path_info``, ``pop_path_info``, and ``extract_path_info``. :pr:`2461` - Remove previously deprecated code. :pr:`2461` - Add MarkupSafe as a dependency and use it to escape values when rendering HTML. :issue:`2419` - Added the ``werkzeug.debug.preserve_context`` mechanism for restoring context-local data for a request when running code in the debug console. :pr:`2439` - Fix compatibility with Python 3.11 by ensuring that ``end_lineno`` and ``end_col_offset`` are present on AST nodes. :issue:`2425` - Add a new faster matching router based on a state machine. :pr:`2433` - Names within options headers are always converted to lowercase. This matches :rfc:`6266` that the case is not relevant. :issue:`2442` - ``AnyConverter`` validates the value passed for it when building URLs. :issue:`2388` - The debugger shows enhanced error locations in tracebacks in Python 3.11. :issue:`2407` - Added Sans-IO ``is_resource_modified`` and ``parse_cookie`` functions based on WSGI versions. :issue:`2408` - Added Sans-IO ``get_content_length`` function. :pr:`2415` - Don't assume a mimetype for test responses. :issue:`2450` - Type checking ``FileStorage`` accepts ``os.PathLike``. :pr:`2418` ``` ### 2.1.2 ``` ------------- Released 2022-04-28 - The development server does not set ``Transfer-Encoding: chunked`` for 1xx, 204, 304, and HEAD responses. :issue:`2375` - Response HTML for exceptions and redirects starts with ``<!doctype html>`` and ``<html lang=en>``. :issue:`2390` - Fix ability to set some ``cache_control`` attributes to ``False``. :issue:`2379` - Disable ``keep-alive`` connections in the development server, which are not supported sufficiently by Python's ``http.server``. :issue:`2397` ``` ### 2.1.1 ``` ------------- Released 2022-04-01 - ``ResponseCacheControl.s_maxage`` converts its value to an int, like ``max_age``. :issue:`2364` ``` ### 2.1.0 ``` ------------- Released 2022-03-28 - Drop support for Python 3.6. :pr:`2277` - Using gevent or eventlet requires greenlet>=1.0 or PyPy>=7.3.7. ``werkzeug.locals`` and ``contextvars`` will not work correctly with older versions. :pr:`2278` - Remove previously deprecated code. :pr:`2276` - Remove the non-standard ``shutdown`` function from the WSGI environ when running the development server. See the docs for alternatives. - Request and response mixins have all been merged into the ``Request`` and ``Response`` classes. - The user agent parser and the ``useragents`` module is removed. The ``user_agent`` module provides an interface that can be subclassed to add a parser, such as ua-parser. By default it only stores the whole string. - The test client returns ``TestResponse`` instances and can no longer be treated as a tuple. All data is available as properties on the response. - Remove ``locals.get_ident`` and related thread-local code from ``locals``, it no longer makes sense when moving to a contextvars-based implementation. - Remove the ``python -m werkzeug.serving`` CLI. - The ``has_key`` method on some mapping datastructures; use ``key in data`` instead. - ``Request.disable_data_descriptor`` is removed, pass ``shallow=True`` instead. - Remove the ``no_etag`` parameter from ``Response.freeze()``. - Remove the ``HTTPException.wrap`` class method. - Remove the ``cookie_date`` function. Use ``http_date`` instead. - Remove the ``pbkdf2_hex``, ``pbkdf2_bin``, and ``safe_str_cmp`` functions. Use equivalents in ``hashlib`` and ``hmac`` modules instead. - Remove the ``Href`` class. - Remove the ``HTMLBuilder`` class. - Remove the ``invalidate_cached_property`` function. Use ``del obj.attr`` instead. - Remove ``bind_arguments`` and ``validate_arguments``. Use :meth:`Signature.bind` and :func:`inspect.signature` instead. - Remove ``detect_utf_encoding``, it's built-in to ``json.loads``. - Remove ``format_string``, use :class:`string.Template` instead. - Remove ``escape`` and ``unescape``. Use MarkupSafe instead. - The ``multiple`` parameter of ``parse_options_header`` is deprecated. :pr:`2357` - Rely on :pep:`538` and :pep:`540` to handle decoding file names with the correct filesystem encoding. The ``filesystem`` module is removed. :issue:`1760` - Default values passed to ``Headers`` are validated the same way values added later are. :issue:`1608` - Setting ``CacheControl`` int properties, such as ``max_age``, will convert the value to an int. :issue:`2230` - Always use ``socket.fromfd`` when restarting the dev server. :pr:`2287` - When passing a dict of URL values to ``Map.build``, list values do not filter out ``None`` or collapse to a single value. Passing a ``MultiDict`` does collapse single items. This undoes a previous change that made it difficult to pass a list, or ``None`` values in a list, to custom URL converters. :issue:`2249` - ``run_simple`` shows instructions for dealing with "address already in use" errors, including extra instructions for macOS. :pr:`2321` - Extend list of characters considered always safe in URLs based on :rfc:`3986`. :issue:`2319` - Optimize the stat reloader to avoid watching unnecessary files in more cases. The watchdog reloader is still recommended for performance and accuracy. :issue:`2141` - The development server uses ``Transfer-Encoding: chunked`` for streaming responses when it is configured for HTTP/1.1. :issue:`2090, 1327`, :pr:`2091` - The development server uses HTTP/1.1, which enables keep-alive connections and chunked streaming responses, when ``threaded`` or ``processes`` is enabled. :pr:`2323` - ``cached_property`` works for classes with ``__slots__`` if a corresponding ``_cache_{name}`` slot is added. :pr:`2332` - Refactor the debugger traceback formatter to use Python's built-in ``traceback`` module as much as possible. :issue:`1753` - The ``TestResponse.text`` property is a shortcut for ``r.get_data(as_text=True)``, for convenient testing against text instead of bytes. :pr:`2337` - ``safe_join`` ensures that the path remains relative if the trusted directory is the empty string. :pr:`2349` - Percent-encoded newlines (``%0a``), which are decoded by WSGI servers, are considered when routing instead of terminating the match early. :pr:`2350` - The test client doesn't set duplicate headers for ``CONTENT_LENGTH`` and ``CONTENT_TYPE``. :pr:`2348` - ``append_slash_redirect`` handles ``PATH_INFO`` with internal slashes. :issue:`1972`, :pr:`2338` - The default status code for ``append_slash_redirect`` is 308 instead of 301. This preserves the request body, and matches a previous change to ``strict_slashes`` in routing. :issue:`2351` - Fix ``ValueError: I/O operation on closed file.`` with the test client when following more than one redirect. :issue:`2353` - ``Response.autocorrect_location_header`` is disabled by default. The ``Location`` header URL will remain relative, and exclude the scheme and domain, by default. :issue:`2352` - ``Request.get_json()`` will raise a 400 ``BadRequest`` error if the ``Content-Type`` header is not ``application/json``. This makes a very common source of confusion more visible. :issue:`2339` ```

Links

- PyPI: https://pypi.org/project/werkzeug - Changelog: https://pyup.io/changelogs/werkzeug/ - Homepage: https://palletsprojects.com/p/werkzeug/

[pyup-bot]

Closing this in favor of #212